give.rainn.org Open in urlscan Pro
13.224.189.83 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://give.rainn.org/P2P/ZQUJANcw5kORSP0-JxSN2A2/9HZhE64TEe2ZTQAiSCWImA2
Submission: On August 04 via automatic, source links-suspicious (August 4th 2024, 4:24:38 pm UTC) — Scanned from DE

Summary HTTP 58 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 20 domains to perform 58 HTTP transactions. The main IP is 13.224.189.83, located in United States and belongs to AMAZON-02, US. The main domain is give.rainn.org.
TLS certificate: Issued by Amazon RSA 2048 M03 on July 29th 2024. Valid for: a year.

This is the only time give.rainn.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	13.224.189.83 13.224.189.83	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:249... 2600:9000:2490:6400:3:1d53:4780:93a1	16509 (AMAZON-02) (AMAZON-02)
5	20.209.68.129 20.209.68.129	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	3.160.150.114 3.160.150.114	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
6	45.60.33.183 45.60.33.183	19551 (INCAPSULA) (INCAPSULA)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
2	20.50.88.242 20.50.88.242	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	20.172.164.4 20.172.164.4	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	3.160.150.15 3.160.150.15	16509 (AMAZON-02) (AMAZON-02)
2	13.248.139.42 13.248.139.42	16509 (AMAZON-02) (AMAZON-02)
7	3.74.79.230 3.74.79.230	16509 (AMAZON-02) (AMAZON-02)
1	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
58	22

5 13.224.189.83 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-83.fra2.r.cloudfront.net

give.rainn.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2490:6400:3:1d53:4780:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 20.209.68.129 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

nvlupin.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.150.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-114.fra60.r.cloudfront.net

js.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.60.33.183 (United States)

ASN19551 (INCAPSULA, US)

secure.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
edge-secure.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fastaction.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.50.88.242 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.172.164.4 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

doublethedonation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.160.150.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-15.fra60.r.cloudfront.net

js.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.139.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae1d37305401c759d.awsglobalaccelerator.com

payments.braintree-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.74.79.230 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-79-230.eu-central-1.compute.amazonaws.com

client-analytics.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

checkout.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	everyaction.com static.everyaction.com — Cisco Umbrella Rank: 146326 secure.everyaction.com — Cisco Umbrella Rank: 151253 edge-secure.everyaction.com	305 KB
7	braintreegateway.com client-analytics.braintreegateway.com — Cisco Umbrella Rank: 11587	1 KB
5	windows.net nvlupin.blob.core.windows.net — Cisco Umbrella Rank: 171301	274 KB
5	rainn.org 1 redirects give.rainn.org	25 KB
4	doublethedonation.com doublethedonation.com — Cisco Umbrella Rank: 91782	143 KB
4	verygoodvault.com js.verygoodvault.com — Cisco Umbrella Rank: 45244	44 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3773
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	326 KB
2	braintree-api.com payments.braintree-api.com — Cisco Umbrella Rank: 13056	1011 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 853	200 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	74 KB
1	paypal.com checkout.paypal.com — Cisco Umbrella Rank: 20186
1	ngpvan.com fastaction.ngpvan.com — Cisco Umbrella Rank: 287261	1 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6716	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252	244 B
1	gstatic.com fonts.gstatic.com	14 KB
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 5485	47 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	977 B
58	20

	Domain	Requested by
7	client-analytics.braintreegateway.com	az416426.vo.msecnd.net
6	static.everyaction.com	give.rainn.org static.everyaction.com
5	nvlupin.blob.core.windows.net	give.rainn.org
5	give.rainn.org	1 redirects give.rainn.org
4	doublethedonation.com	static.everyaction.com doublethedonation.com az416426.vo.msecnd.net
4	secure.everyaction.com	static.everyaction.com az416426.vo.msecnd.net
4	js.verygoodvault.com	give.rainn.org js.verygoodvault.com
3	region1.analytics.google.com	az416426.vo.msecnd.net
3	www.googletagmanager.com	give.rainn.org www.googletagmanager.com www.google-analytics.com
2	payments.braintree-api.com	az416426.vo.msecnd.net
2	www.facebook.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	www.google-analytics.com	www.googletagmanager.com az416426.vo.msecnd.net
2	connect.facebook.net	give.rainn.org connect.facebook.net
1	checkout.paypal.com	static.everyaction.com
1	fastaction.ngpvan.com	az416426.vo.msecnd.net
1	www.google.de
1	stats.g.doubleclick.net	www.googletagmanager.com
1	edge-secure.everyaction.com
1	fonts.gstatic.com	fonts.googleapis.com
1	az416426.vo.msecnd.net	give.rainn.org
1	fonts.googleapis.com	nvlupin.blob.core.windows.net
58	22

This site contains links to these domains. Also see Links.

Domain
rainn.org
fastaction.ngpvan.com
www.charitynavigator.org
www.charitywatch.org
www.everyaction.com

Subject Issuer	Validity	Valid
rainn-oa.edge.targetedaction.net Amazon RSA 2048 M03	`2024-07-29` - `2025-08-27`	a year	crt.sh
static.everyaction.com Amazon RSA 2048 M03	`2024-04-08` - `2025-05-07`	a year	crt.sh
*.blob.core.windows.net Microsoft Azure RSA TLS Issuing CA 08	`2024-03-27` - `2025-03-22`	a year	crt.sh
*.verygoodvault.com Amazon RSA 2048 M02	`2023-12-19` - `2025-01-16`	a year	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2024-06-06` - `2025-06-06`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.everyaction.com RapidSSL TLS ECC CA G1	`2024-03-04` - `2025-03-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-14` - `2024-08-12`	3 months	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 03	`2024-06-25` - `2025-06-20`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.de WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
www.doublethedonation.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-20` - `2025-02-19`	a year	crt.sh
*.ngpvan.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-11-07` - `2024-11-06`	a year	crt.sh
payments.braintree-api.com DigiCert SHA2 Extended Validation Server CA	`2023-08-23` - `2024-09-22`	a year	crt.sh
client-analytics.braintreegateway.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-24` - `2025-01-23`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-06-13` - `2025-06-12`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://give.rainn.org/P2P/ZQUJANcw5kORSP0-JxSN2A2/9HZhE64TEe2ZTQAiSCWImA2
Frame ID: FE70BD35C01E5653CE7363E2A9B01FB9
Requests: 49 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Frame ID: CB7A56C4D6A64971149358E629307640
Requests: 1 HTTP requests in this frame

Frame: https://secure.everyaction.com/FormProgress/5wIZNlYuv0iWAHnanbD7kw2?formShortCode=ZQUJANcw5kORSP0-JxSN2A2
Frame ID: FA64ACF6C8DDC6E6D1BAB9A28275BC0F
Requests: 1 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Frame ID: 379FB7DAB38775E83BB89837692404D6
Requests: 1 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Frame ID: B275241274E4FFF9187F6E0660B924B3
Requests: 1 HTTP requests in this frame

Frame: https://checkout.paypal.com/web/3.44.2/html/dispatch-frame.min.html
Frame ID: C65985178A1F5218253824E92560F376
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Thanks for visiting my fundraising page!

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Page Statistics

58
Requests

98 %
HTTPS

52 %
IPv6

20
Domains

22
Subdomains

22
IPs

4
Countries

1281 kB
Transfer

3639 kB
Size

16
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://rainn.org/

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/##whats-this
Title: ?

Search URL Search Domain Scan URL

URL: https://rainn.org/make-crypto-contribution
Title: To donate cryptocurrency instead, click here.

Search URL Search Domain Scan URL

URL: https://www.charitynavigator.org/ein/521886511

Search URL Search Domain Scan URL

URL: https://www.charitywatch.org/top-rated-charities/human-rights

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/sign_up
Title: Sign up with your email address

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/terms
Title: terms of service

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/privacy
Title: privacy policy.

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/log_in
Title: Log in with your email address

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid_signup
Title: Sign up with your email address

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid
Title: Log in with your email address

Search URL Search Domain Scan URL

URL: http://www.everyaction.com/?utm_source=act.myngp.com&utm_medium=poweredby&utm_campaign=ngpnext
Title: EveryAction

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://give.rainn.org/favicon.ico HTTP 301
https://edge-secure.everyaction.com/Content/images/favicon.ico

58 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 9HZhE64TEe2ZTQAiSCWImA2 Show response
give.rainn.org/P2P/ZQUJANcw5kORSP0-JxSN2A2/ 14 KB
5 KB 330ms
176ms Document
text/html 13.224.189.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://give.rainn.org/P2P/ZQUJANcw5kORSP0-JxSN2A2/9HZhE64TEe2ZTQAiSCWImA2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-83.fra2.r.cloudfront.net

Software

Resource Hash

d6518c5c6936d39620cd1920fa0d58df3163c265c4bead6f3109b9e73e9238d2

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-expose-headers: Request-Context
cache-control: private
content-encoding: gzip
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type: text/html; charset=utf-8
date: Sun, 04 Aug 2024 16:24:30 GMT
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront)
x-amz-cf-id: OYVTutXXjHPnALda4g4FhfvcBWI58N-acDUwWY87QfSaGQL2c_oGNw==
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
x-cdn: Imperva
x-content-type-options: nosniff
x-iinfo: 6-22862527-22847235 pNNy RT(1722788670281 1) q(0 0 0 0) r(2 2) U2
x-xss-protection: 1; mode=block

GET
H2 200 published.css
give.rainn.org/Content/css/forms/ 539 B
990 B 105ms
103ms Stylesheet
text/css 13.224.189.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://give.rainn.org/Content/css/forms/published.css
Requested by: Host: give.rainn.org
URL: https://give.rainn.org/P2P/ZQUJANcw5kORSP0-JxSN2A2/9HZhE64TEe2ZTQAiSCWImA2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-83.fra2.r.cloudfront.net
Software: /
Resource Hash: 76514bd1f76340cd0b5cb4bea2f98f0eafa04f3514f8bbb8c72685d5f50ac436

Request headers

Referer: https://give.rainn.org/P2P/ZQUJANcw5kORSP0-JxSN2A2/9HZhE64TEe2ZTQAiSCWImA2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 16:24:31 GMT
content-encoding: gzip
via: 1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront)
last-modified: Thu, 01 Aug 2024 08:54:12 GMT
x-cdn: Imperva
x-amz-cf-pop: FRA2-C1
etag: "092161f0e3da1:0"
x-cache: Miss from cloudfront
content-type: text/css
x-iinfo: 13-38690089-38685252 2CNN RT(1722788668234 2490) q(0 0 0 1) r(0 0) U18
content-length: 360
x-amz-cf-id: 2nAqDBSVjTnxOE_SC4k2hKk37Y2BYlLZSTxoCkOHFQJfTBn0q5oLuQ==

GET
H2 200 at.js Show response
static.everyaction.com/ea-actiontag/ 835 KB
240 KB 67ms
9ms Script
application/javascript 2600:9000:2490:6400:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/at.js
Requested by: Host: give.rainn.org
URL: https://give.rainn.org/P2P/ZQUJANcw5kORSP0-JxSN2A2/9HZhE64TEe2ZTQAiSCWImA2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:6400:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99e5303bce247df6e67f267d1951d2cafc9cde5ebc5d0dd965d303fe7ae83dee

Request headers

Referer: https://give.rainn.org/
Origin: https://give.rainn.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 15:44:26 GMT
content-encoding: gzip
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 2406
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 245478
last-modified: Tue, 30 Jul 2024 15:44:10 GMT
server: AmazonS3
etag: "233af5dcec943e342203c5ca3fff14a7"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: ZsBJ4vl62qaCcgBn1gBlDg-1Z2CJ3K6HaT2W4gXmHv3rJMwSZvlvNA==

GET
H2 200 at.min.css
static.everyaction.com/ea-actiontag/ 59 KB
12 KB 64ms
7ms Stylesheet
text/css 2600:9000:2490:6400:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/at.min.css
Requested by: Host: give.rainn.org
URL: https://give.rainn.org/P2P/ZQUJANcw5kORSP0-JxSN2A2/9HZhE64TEe2ZTQAiSCWImA2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:6400:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 66c024f48785329a01c0349b9a90ad3878cf9f36275468f476fa7bdd924356a1

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 15:44:32 GMT
content-encoding: gzip
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 2400
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 11716
last-modified: Tue, 30 Jul 2024 15:44:10 GMT
server: AmazonS3
etag: "3c81f4f62b7fa53b6a54fa72a70d1afa"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: bieqyCmKBHtYQ12RB72w1Q9SLqAlAiVAgl1K8KVHpO31BovZZuCNYA==

GET
H/1.1 200
OK RAINNformstyling_panelcontentwhite.css
nvlupin.blob.core.windows.net/images/van/EA/EA015/1/93055/images/ 3 KB
4 KB 524ms
99ms Stylesheet
text/css 20.209.68.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlupin.blob.core.windows.net/images/van/EA/EA015/1/93055/images/RAINNformstyling_panelcontentwhite.css
Requested by: Host: give.rainn.org
URL: https://give.rainn.org/P2P/ZQUJANcw5kORSP0-JxSN2A2/9HZhE64TEe2ZTQAiSCWImA2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.209.68.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6bd98bbadffead32a0913e7e38925ded27b97554b332519f0c5f30a6f235359a

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 04 Aug 2024 16:24:30 GMT
Last-Modified: Thu, 10 Feb 2022 18:02:27 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D9ECBF7FC810CB
Content-Type: text/css
Access-Control-Allow-Origin: *
x-ms-request-id: 6dc14722-501e-0050-6b8a-e6a7c0000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 3331

GET
H/1.1 200
OK P2P_Fundraiser_Pg_image_9.13.23.jpg
nvlupin.blob.core.windows.net/images/van/EA/EA015/1/93055/images/ 132 KB
132 KB 530ms
105ms Image
image/jpeg 20.209.68.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/EA/EA015/1/93055/images/P2P_Fundraiser_Pg_image_9.13.23.jpg
Requested by: Host: give.rainn.org
URL: https://give.rainn.org/P2P/ZQUJANcw5kORSP0-JxSN2A2/9HZhE64TEe2ZTQAiSCWImA2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.209.68.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: fc87cbffa19068476b549153877c4b783aff459cb240980aef8f8f6c9c43ed57

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 04 Aug 2024 16:24:30 GMT
Last-Modified: Thu, 14 Sep 2023 18:04:33 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DBB54D0D0101B8
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
x-ms-request-id: 900aa4c8-501e-000d-7b8a-e6ad44000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 134959

GET
H/1.1 200
OK vgs-collect.js Show response
js.verygoodvault.com/vgs-collect/2.18.4/ 134 KB
44 KB 104ms
22ms Script
application/javascript 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Requested by: Host: give.rainn.org
URL: https://give.rainn.org/P2P/ZQUJANcw5kORSP0-JxSN2A2/9HZhE64TEe2ZTQAiSCWImA2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda

Request headers

Referer: https://give.rainn.org/
Origin: https://give.rainn.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: jfBMjoXBTwBLxrf4sD.h_N_F9QJn5gdY
Content-Encoding: gzip
Via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
Date: Sun, 04 Aug 2024 16:23:48 GMT
X-Amz-Cf-Pop: FRA60-P7
Age: 43
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 10:29:55 GMT
Server: AmazonS3
ETag: W/"156be461dd96d02fce3792c020f7748a"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
X-Amz-Cf-Id: 5q592rrXZZfKjw1qJFhmf9XSXYo2nyX0oEUDFJDEWZ9DfONfjbROeQ==

GET
H2 200 _Incapsula_Resource Show response
give.rainn.org/ 70 KB
17 KB 42ms
42ms Script
application/javascript 13.224.189.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://give.rainn.org/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=4&cb=1156024380
Requested by: Host: give.rainn.org
URL: https://give.rainn.org/P2P/ZQUJANcw5kORSP0-JxSN2A2/9HZhE64TEe2ZTQAiSCWImA2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-83.fra2.r.cloudfront.net
Software: /
Resource Hash: fd60aaf2a99d0c3f3087221bd87b39106b86093c5a19f4e268cfc1e75e453267

Request headers

Referer: https://give.rainn.org/P2P/ZQUJANcw5kORSP0-JxSN2A2/9HZhE64TEe2ZTQAiSCWImA2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 16:24:31 GMT
content-encoding: gzip
via: 1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 17084
x-amz-cf-id: loOwqUh0yV2DR1FPXdZpjQDpQYRzLFMoHb3Nc7KDEY7-AtqXb1dcoQ==

GET
H2 200 css
fonts.googleapis.com/ 2 KB
977 B 43ms
17ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish&display=swap

Requested by

Host: nvlupin.blob.core.windows.net
URL: https://nvlupin.blob.core.windows.net/images/van/EA/EA015/1/93055/images/RAINNformstyling_panelcontentwhite.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

726ae17a0fb81567b8ec6b892806fb51865914c7e04c7040070cddf76463d5da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nvlupin.blob.core.windows.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 04 Aug 2024 16:24:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 04 Aug 2024 16:24:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Aug 2024 16:24:31 GMT

GET
H2 200 ai.2.min.js Show response
az416426.vo.msecnd.net/scripts/b/ 120 KB
47 KB 66ms
15ms Script
text/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by: Host: give.rainn.org
URL: https://give.rainn.org/P2P/ZQUJANcw5kORSP0-JxSN2A2/9HZhE64TEe2ZTQAiSCWImA2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48C5) /
Resource Hash: bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 04 Aug 2024 16:24:32 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-07 00:07:47
content-md5: MPOa5dHQWkOQRqdkBRC0hg==
age: 1341
x-cache: HIT
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.18.min.js
content-length: 48078
x-ms-lease-status: unlocked
last-modified: Wed, 20 Mar 2024 17:31:27 GMT
server: ECAcc (ama/48C5)
x-ms-meta-aijssdkver: 2.8.18
etag: 0x8DC490392FC747D
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 4ad1c0fd-f01e-003f-4587-e691f1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19
expires: Sun, 04 Aug 2024 16:54:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 349 KB
112 KB 69ms
36ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-THW572

Requested by

Host: give.rainn.org
URL: https://give.rainn.org/P2P/ZQUJANcw5kORSP0-JxSN2A2/9HZhE64TEe2ZTQAiSCWImA2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d85d9fe67c98bfc4003a3d06457d29c3e29ff64ee504d78c354e752dbba7babc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 16:24:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114239
x-xss-protection: 0
last-modified: Sun, 04 Aug 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 04 Aug 2024 16:24:32 GMT

GET
H2 200 1Ptyg83HX_SGhgqO0yLcmjzUAuWexZNR8aevGw.woff2
fonts.gstatic.com/s/mulish/v13/ 13 KB
14 KB 53ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptyg83HX_SGhgqO0yLcmjzUAuWexZNR8aevGw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e7fe0edbc32bbda00bdef6dc0241bc78277a37d4ceeab5991c64d11915746b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.rainn.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 17:20:26 GMT
x-content-type-options: nosniff
age: 428646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13508
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:29:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 17:20:26 GMT

GET
H2 200 extra.min.css
static.everyaction.com/ea-actiontag/ 78 KB
14 KB 14ms
12ms Stylesheet
text/css 2600:9000:2490:6400:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/extra.min.css
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:6400:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f049a1747942f985c6646afbd37119ecc9e8f088db5e98e2a04f8f1f77d5de71

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 15:44:38 GMT
content-encoding: gzip
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 2400
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 14169
last-modified: Tue, 30 Jul 2024 15:44:10 GMT
server: AmazonS3
etag: "ec29cca160d3f208ca6d6b6bc78572ce"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: jxZd4KIxHZrmXJAh5KNblnw0wrYUqgWjyekU-t9WqDWQaIbMsuBPpQ==

GET
H2 200 9HZhE64TEe2ZTQAiSCWImA2 Show response
secure.everyaction.com/v1/Forms/P2P/ZQUJANcw5kORSP0-JxSN2A2/ 22 KB
8 KB 541ms
440ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/v1/Forms/P2P/ZQUJANcw5kORSP0-JxSN2A2/9HZhE64TEe2ZTQAiSCWImA2

Requested by

Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d407171004a70597d6c62fe564ea558e4fa5ade8d51afaa7043f9c0f8e2a9b39

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 16:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cdn: Imperva
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-iinfo: 13-36442089-36442094 NNNN CT(87 183 0) RT(1722788671277 25) q(0 0 3 47) r(4 4) U2
content-length: 7634
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
pragma: no-cache
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://give.rainn.org
access-control-expose-headers: Request-Context
cache-control: no-cache
access-control-allow-credentials: true
expires: -1

GET
H2 200 _Incapsula_Resource
give.rainn.org/ 1 B
530 B 33ms
33ms Image
text/plain 13.224.189.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.rainn.org/_Incapsula_Resource?SWKMTFSR=1&e=0.19202440633626439
Requested by: Host: give.rainn.org
URL: https://give.rainn.org/P2P/ZQUJANcw5kORSP0-JxSN2A2/9HZhE64TEe2ZTQAiSCWImA2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-83.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://give.rainn.org/P2P/ZQUJANcw5kORSP0-JxSN2A2/9HZhE64TEe2ZTQAiSCWImA2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 16:24:32 GMT
via: 1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-type: text/plain
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
x-amz-cf-id: uP-SzkIhg_0POPmsdMDzG7ky0KYYhXWbO6P2Xe5pyV27PO_1ftU9GQ==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
60 KB 25ms
9ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: give.rainn.org
URL: https://give.rainn.org/P2P/ZQUJANcw5kORSP0-JxSN2A2/9HZhE64TEe2ZTQAiSCWImA2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 04 Aug 2024 16:24:32 GMT
document-policy: force-load-at-top
x-fb-server-load: 30
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58865
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2807, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: ouwR/PkbFJJDo03jU3tv2V2Bhlh7OHztIIuxwZqHfYaqc5Yr2K4UG7JJnPXPqrWzqGgAIW6QFulsh+k2gHjyyw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 330 KB
106 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HQTMLQ947D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THW572

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

96e41d11ea5df0cdb8347f9c81484b4e707c166a6bd66d1e30df6efdf716979b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 16:24:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108888
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 04 Aug 2024 16:24:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 56ms
11ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THW572

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 04 Aug 2024 15:15:05 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4167
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 04 Aug 2024 17:15:05 GMT

GET
H2

200

favicon.ico
edge-secure.everyaction.com/Content/images/
Redirect Chain

https://give.rainn.org/favicon.ico
https://edge-secure.everyaction.com/Content/images/favicon.ico

15 KB
15 KB

30ms
9ms

Other
image/x-icon

45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://edge-secure.everyaction.com/Content/images/favicon.ico
Protocol: H2
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 7bf94a4aa6a0872064d045aab0bdc4f8518a5524848b2ad5bf494e552fa6364e

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-iinfo: 13-36442089-0 0cNN RT(1722788671277 327) q(0 -1 -1 -1) r(0 -1)
date: Sun, 04 Aug 2024 16:24:31 GMT
last-modified: Thu, 01 Aug 2024 08:54:12 GMT
x-cdn: Imperva
etag: "092161f0e3da1:0"
content-length: 15086
content-type: image/x-icon

Redirect headers

date: Sun, 04 Aug 2024 16:24:31 GMT
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
via: 1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront)
server: Microsoft-IIS/10.0
x-cdn: Imperva
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://edge-secure.everyaction.com/Content/images/favicon.ico
x-iinfo: 7-28770554-28647975 pNNy RT(1722788666892 4816) q(0 0 0 -1) r(1 1) U11
content-length: 185
x-amz-cf-id: fVHztd9Dhdzh6EbUdhllt6XIrF4vfdNZ0ehW_Twgnl6eqS5BE7b4Hw==

GET
H2 200 396783894239070 Show response
connect.facebook.net/signals/config/ 72 KB
15 KB 140ms
140ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/396783894239070?v=2.9.164&r=stable&domain=give.rainn.org&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27f213891598fa6af306a3d7f76b3ec378352a7479290f0b979b8de42cd37641

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 04 Aug 2024 16:24:32 GMT
document-policy: force-load-at-top
x-fb-server-load: 33
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=65, mss=1328, tbw=64425, tp=-1, tpl=-1, uplat=119, ullat=0
pragma: public
x-fb-debug: liyB8GASDbyU61nbYmC5dw7hOKIYUeaLEtDph8vYRybPMEfGqoB7oZE5ZMySeVf1RKbs8s8CJdjloRN6Xg1ZyA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
200 B 151ms
150ms XHR
application/json 20.50.88.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

632c1910ce79b1b0c12af7b285d2edc8fa25a80a1eed734419a714c94ddc8884

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.rainn.org/
Sdk-Context: appId
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Sun, 04 Aug 2024 16:24:32 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
content-type: application/json; charset=utf-8

OPTIONS
H2 204 track
dc.services.visualstudio.com/v2/ Frame 0
0 253ms
39ms Preflight 20.50.88.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://give.rainn.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Sun, 04 Aug 2024 16:24:32 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 146ms
25ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-HQTMLQ947D&gtm=45je47v0v888795481z872252890za200zb72252890&_p=1722788671952&_gaz=1&gcs=G111&gcd=13n3nPl2l5&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=804700955.1722788672&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1722788672&sct=1&seg=0&dl=https%3A%2F%2Fgive.rainn.org%2FP2P%2FZQUJANcw5kORSP0-JxSN2A2%2F9HZhE64TEe2ZTQAiSCWImA2&dt=Thanks%20for%20visiting%20my%20fundraising%20page!&en=page_view&_fv=1&_nsi=1&_ss=1&ep.clean_page_path=%2FP2P%2FZQUJANcw5kORSP0-JxSN2A2%2F9HZhE64TEe2ZTQAiSCWImA2%2F&tfd=1444
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 16:24:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.rainn.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
244 B 166ms
46ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HQTMLQ947D&cid=804700955.1722788672&gtm=45je47v0v888795481z872252890za200zb72252890&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13n3nPl2l5&npa=1&frm=0&tag_exp=95250753
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HQTMLQ947D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 16:24:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.rainn.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 152ms
37ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HQTMLQ947D&cid=804700955.1722788672&gtm=45je47v0v888795481z872252890za200zb72252890&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13n3nPl2l5&npa=1&frm=0&tag_exp=95250753&tag_exp=95250753&z=42982705

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 16:24:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
220 B 21ms
20ms XHR
text/plain 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2063439853&t=pageview&_s=1&dl=https%3A%2F%2Fgive.rainn.org%2FP2P%2FZQUJANcw5kORSP0-JxSN2A2%2F9HZhE64TEe2ZTQAiSCWImA2&ul=de-de&de=UTF-8&dt=Thanks%20for%20visiting%20my%20fundraising%20page!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=1379885388&gjid=1767783298&cid=804700955.1722788672&tid=UA-420351-1&_gid=7653372.1722788673&_r=1&_slc=1&gtm=45He47v0n71THW572v72252890za200&gcs=G111&gcd=13n3n3l2l5&dma_cps=syphamo&dma=1&tag_exp=95250753&npa=1&z=1955893235

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

134b221f3ca667791d4283b643ceee3560613b7e1d3a7229b50ad54d4dcd172a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 16:24:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.rainn.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 61ms
22ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=396783894239070&ev=PageView&dl=https%3A%2F%2Fgive.rainn.org%2FP2P%2FZQUJANcw5kORSP0-JxSN2A2%2F9HZhE64TEe2ZTQAiSCWImA2&rl=&if=false&ts=1722788672551&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722788672545.349270705727601654&cs_est=true&ler=empty&cdl=API_unavailable&it=1722788672352&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2789, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 04 Aug 2024 16:24:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 229ms
191ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=396783894239070&ev=PageView&dl=https%3A%2F%2Fgive.rainn.org%2FP2P%2FZQUJANcw5kORSP0-JxSN2A2%2F9HZhE64TEe2ZTQAiSCWImA2&rl=&if=false&ts=1722788672551&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722788672545.349270705727601654&cs_est=true&ler=empty&cdl=API_unavailable&it=1722788672352&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sun, 04 Aug 2024 16:24:32 GMT
document-policy: force-load-at-top
x-fb-server-load: 29
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7399321004608728926", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=1, c=10, mss=1328, tbw=3106, tp=-1, tpl=-1, uplat=175, ullat=0
pragma: no-cache
x-fb-debug: xPOi5bkAeog9CCM633SssfqndGgXC9mCq/p4n/0edlg8m0Y+3Nj/NUVSg7/KSvqUSUEtwTkwvTncV4DuT+7nZw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7399321004608728926"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 334 KB
108 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HQTMLQ947D&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dda71a7c72d5905216c1a617fd5de6c96acfcfe5b90a1f6449aa60627663d84d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 16:24:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 110555
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 04 Aug 2024 16:24:32 GMT

GET
H2 200 ddplugin.css
doublethedonation.com/api/css/ 141 KB
17 KB 722ms
219ms Stylesheet
text/css 20.172.164.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/css/ddplugin.css
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.172.164.4 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 60891a54df49aac87f56b67ebcd37582eae4b01e7b20b35b5b141a5ddd7e66c5

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 16:24:33 GMT
content-encoding: gzip
last-modified: Mon, 29 Jul 2024 23:54:34 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, public
access-control-allow-credentials: true
expires: Sun, 04 Aug 2024 17:24:33 GMT

GET
H2 200 ddplugin.js Show response
doublethedonation.com/api/js/ 471 KB
123 KB 722ms
220ms Script
text/javascript 20.172.164.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/js/ddplugin.js
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.172.164.4 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 6ce49514b9d4e842b63f7b0f03fcbd74113bb99b67fe5c771c4bbd4e3b17a148

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 16:24:33 GMT
content-encoding: gzip
last-modified: Mon, 29 Jul 2024 23:54:34 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, public
access-control-allow-credentials: true
expires: Sun, 04 Aug 2024 17:24:33 GMT

GET
H/1.1 200
OK profile Show response
fastaction.ngpvan.com/api/v3/ 149 B
1 KB 917ms
438ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://fastaction.ngpvan.com/api/v3/profile?_=1722788672019

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Express, ASP.NET

Resource Hash

412e708162637f6f9d1afa4955e43baa8dcc61592a0ef595cc04a271b87288bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 16:24:33 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubdomains
Server: Microsoft-IIS/10.0
X-CDN: Imperva
ETag: W/"95-r+4CemLULxNbroBMgXf0R+5vG6M"
X-Powered-By: Express, ASP.NET
Vary: Accept-Encoding,Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://give.rainn.org
X-Iinfo: 12-30960019-30960054 NNNN CT(93 189 0) RT(1722788671786 464) q(0 0 3 4) r(4 4) U4
P3P: CP="NOI ADM DEV COM NAV OUR STP"
Access-Control-Allow-Credentials: true
Content-Length: 268
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 55ms
54ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-HQTMLQ947D&gtm=45je47v0v888795481za200zb72252890&_p=1722788671952&gcs=G111&gcd=13n3nPl2l5&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=804700955.1722788672&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEA&_s=2&sid=1722788672&sct=1&seg=0&dl=https%3A%2F%2Fgive.rainn.org%2FP2P%2FZQUJANcw5kORSP0-JxSN2A2%2F9HZhE64TEe2ZTQAiSCWImA2&dt=Thanks%20for%20visiting%20my%20fundraising%20page!&en=scroll&ep.clean_page_path=%2FP2P%2FZQUJANcw5kORSP0-JxSN2A2%2F9HZhE64TEe2ZTQAiSCWImA2%2F&epn.percent_scrolled=90&_et=35&tfd=1688
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 16:24:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.rainn.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK index.html
js.verygoodvault.com/vgs-collect/2.18.4/lib/ Frame CB7A 0
0 40ms
17ms Document
text/html 3.160.150.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-15.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://give.rainn.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Age: 7
Cache-Control: max-age=60
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 04 Aug 2024 16:24:26 GMT
ETag: W/"891d22e58a2927b43f5ab135e7bdaa88"
Last-Modified: Thu, 16 Mar 2023 10:29:57 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront), 1.1 dc929648f0c936ae1fcea0675ad0382c.cloudfront.net (CloudFront)
X-Amz-Cf-Id: rMb_nkjAANRflGj3Hi-qD1b_5IG3ydwhmcdHHGQMmkBbqIa4gQCfXg==
X-Amz-Cf-Pop: FRA2-C2 FRA60-P7
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256
x-amz-version-id: D5Am0ac.4Bfz1LEHZRvgk67rZFGuM9PD

GET
H2 200 5wIZNlYuv0iWAHnanbD7kw2
secure.everyaction.com/FormProgress/ Frame FA64 0
0 460ms
425ms Document
text/html 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/FormProgress/5wIZNlYuv0iWAHnanbD7kw2?formShortCode=ZQUJANcw5kORSP0-JxSN2A2

Requested by

Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.rainn.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-expose-headers: Request-Context
cache-control: private
content-encoding: gzip
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type: text/html; charset=utf-8
date: Sun, 04 Aug 2024 16:24:33 GMT
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cdn: Imperva
x-content-type-options: nosniff
x-iinfo: 7-26482284-26482286 NNNN CT(87 201 0) RT(1722788671881 20) q(0 0 2 -1) r(4 4) U2
x-xss-protection: 1; mode=block

GET
H2 200 paypal-logo.png
static.everyaction.com/ea-actiontag/assets/images/ 3 KB
3 KB 8ms
7ms Image
image/png 2600:9000:2490:6400:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.everyaction.com/ea-actiontag/assets/images/paypal-logo.png
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:6400:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02d1bfc3fb8b4eff4d80613794e94142267895398d35dbca72e8ca7ddb62ab54

Request headers

Referer: https://static.everyaction.com/ea-actiontag/at.min.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 21:27:43 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 18385010
x-cache: Hit from cloudfront
content-length: 2778
last-modified: Tue, 07 Dec 2021 15:33:44 GMT
server: AmazonS3
etag: "459c51e4e024db4720b62513d12edb6a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-amz-cf-id: iBUnpkfqg0eJ8vbsVn4OaibLZ6Z6g5uy6cihUhGmLJ-U4w3nhDps2A==

GET
H2 200 ZQUJANcw5kORSP0-JxSN2A2 Show response
secure.everyaction.com/PayPalClientToken/ 2 KB
2 KB 562ms
561ms XHR
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/PayPalClientToken/ZQUJANcw5kORSP0-JxSN2A2

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

563fb80c76bbe7be15b65d18e1286f94bc2317c8a3ea6f6d69e21fe9b1ced34e

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 16:24:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cdn: Imperva
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-iinfo: 13-36442089-36442094 PNNN RT(1722788671277 650) q(0 0 0 -1) r(5 5) U18
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://give.rainn.org
access-control-expose-headers: Request-Context
cache-control: public, max-age=10
access-control-allow-credentials: true

GET
DATA 200
OK truncated
/ 784 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK candid-seal-platinum-2024.png
nvlupin.blob.core.windows.net/images/van/EA/EA015/1/93055/images/ 6 KB
7 KB 104ms
104ms Image
image/png 20.209.68.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/EA/EA015/1/93055/images/candid-seal-platinum-2024.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.209.68.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b7e7d2bc98a555252a59731c5e7bfda7b61640b6352e0b79ee630622e5495387

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 04 Aug 2024 16:24:32 GMT
Last-Modified: Fri, 09 Feb 2024 15:24:54 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DC2983448B09DB
Content-Type: image/png
Access-Control-Allow-Origin: *
x-ms-request-id: 900aa858-501e-000d-778a-e6ad44000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 6445

GET
H/1.1 200
OK Four-Star%20Rating%20Badge%20-%20Full%20Color.png
nvlupin.blob.core.windows.net/images/van/EA/EA015/1/93055/images/ 95 KB
96 KB 103ms
102ms Image
image/png 20.209.68.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/EA/EA015/1/93055/images/Four-Star%20Rating%20Badge%20-%20Full%20Color.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.209.68.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b460328d1f43939d2f3772c51d65f6c9daebaa4da5897710e8fd46a91570fa67

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 04 Aug 2024 16:24:32 GMT
Last-Modified: Tue, 03 Oct 2023 20:43:01 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DBC45155A42209
Content-Type: image/png
Access-Control-Allow-Origin: *
x-ms-request-id: 6dc149bd-501e-0050-678a-e6a7c0000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 97665

GET
H/1.1 200
OK CharityWatch_Seal_RGB_WEB_hi-res.png
nvlupin.blob.core.windows.net/images/van/EA/EA015/1/93055/images/ 34 KB
35 KB 198ms
102ms Image
image/png 20.209.68.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/EA/EA015/1/93055/images/CharityWatch_Seal_RGB_WEB_hi-res.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.209.68.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a702c1d17f3e92feef286fa2f533c8cc439b0deeaf33f02c81946e6654122095

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 04 Aug 2024 16:24:32 GMT
Last-Modified: Tue, 03 Oct 2023 20:48:00 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DBC45207F810D9
Content-Type: image/png
Access-Control-Allow-Origin: *
x-ms-request-id: 900aa8af-501e-000d-4a8a-e6ad44000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 34910

GET
H2 200 ZQUJANcw5kORSP0-JxSN2A2
secure.everyaction.com/v1/Track/ 0
102 B 119ms
117ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.everyaction.com/v1/Track/ZQUJANcw5kORSP0-JxSN2A2?formSessionId=af849dad-e34d-4fa7-be15-1e655b066133&bName=chrome&dType=desktop&formVersion=2/7/2024%2010:42:59%20PM|&fUrl=aHR0cHM6Ly9naXZlLnJhaW5uLm9yZy9QMlAvWlFVSkFOY3c1a09SU1AwLUp4U04yQTIvOUhaaEU2NFRFZTJaVFFBaVNDV0ltQTI%3D&fRef=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
pragma: no-cache
date: Sun, 04 Aug 2024 16:24:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 13-36442089-36442094 PNNN RT(1722788671277 732) q(0 0 0 -1) r(1 1) U2
access-control-expose-headers: Request-Context
cache-control: no-cache
content-length: 0
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 fast-action.svg
static.everyaction.com/ea-actiontag/assets/images/ 9 KB
9 KB 10ms
8ms Image
image/svg+xml 2600:9000:2490:6400:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.everyaction.com/ea-actiontag/assets/images/fast-action.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:6400:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 04:53:07 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 41561
x-cache: Hit from cloudfront
content-length: 9203
last-modified: Tue, 07 Dec 2021 15:33:44 GMT
server: AmazonS3
etag: "babd47dc25531a9faeadc04f1afa1910"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: g3zxMBeQRD360RKPUtDUu3_u2SYXSF9lLbnwUZidZWOSoWnHDgi_qg==

GET
H/1.1 200
OK index.html
js.verygoodvault.com/vgs-collect/2.18.4/lib/ Frame 379F 0
0 0ms
0ms Document
text/html 3.160.150.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-15.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://give.rainn.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Age: 7
Cache-Control: max-age=60
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 04 Aug 2024 16:24:26 GMT
ETag: W/"891d22e58a2927b43f5ab135e7bdaa88"
Last-Modified: Thu, 16 Mar 2023 10:29:57 GMT
Server: AmazonS3
Vary: Accept-Encoding
Via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront), 1.1 dc929648f0c936ae1fcea0675ad0382c.cloudfront.net (CloudFront)
X-Amz-Cf-Id: rMb_nkjAANRflGj3Hi-qD1b_5IG3ydwhmcdHHGQMmkBbqIa4gQCfXg==
X-Amz-Cf-Pop: FRA2-C2 FRA60-P7
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256
x-amz-version-id: D5Am0ac.4Bfz1LEHZRvgk67rZFGuM9PD

GET
H/1.1 200
OK index.html
js.verygoodvault.com/vgs-collect/2.18.4/lib/ Frame B275 0
0 0ms
0ms Document
text/html 3.160.150.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-15.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://give.rainn.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Age: 7
Cache-Control: max-age=60
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 04 Aug 2024 16:24:26 GMT
ETag: W/"891d22e58a2927b43f5ab135e7bdaa88"
Last-Modified: Thu, 16 Mar 2023 10:29:57 GMT
Server: AmazonS3
Vary: Accept-Encoding
Via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront), 1.1 dc929648f0c936ae1fcea0675ad0382c.cloudfront.net (CloudFront)
X-Amz-Cf-Id: rMb_nkjAANRflGj3Hi-qD1b_5IG3ydwhmcdHHGQMmkBbqIa4gQCfXg==
X-Amz-Cf-Pop: FRA2-C2 FRA60-P7
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256
x-amz-version-id: D5Am0ac.4Bfz1LEHZRvgk67rZFGuM9PD

POST
H2 200 graphql Show response
payments.braintree-api.com/ 1 KB
1011 B 390ms
301ms XHR
application/json 13.248.139.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.248.139.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

8b7097e77fe327178a1459d476a46644053effb509956e4b14e613cfdf2f0cea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE3MjI4NzUwNzMsImp0aSI6ImE3MDc4NzZlLTI1ZGMtNGY4My05MDgzLWQ0NDRkYWUzNjM1ZCIsInN1YiI6Imp5enlwcXdtdDZtdmpmYnoiLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6Imp5enlwcXdtdDZtdmpmYnoiLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwic2NvcGUiOlsiQnJhaW50cmVlOlZhdWx0Il0sIm9wdGlvbnMiOnt9fQ.F5YJNm5KOqZeXNop_I82VSlHpIbYxV9EeLBBeTI3m-SDpazTGiRkncOIjmqVRc0XkzxInDIMEsqRcmspFk1gjw
Braintree-Version: 2018-05-10
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 16:24:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
server: nginx
vary: Braintree-Version, Accept-Encoding
braintree-version: 2016-10-07
content-type: application/json
access-control-allow-origin: https://give.rainn.org
paypal-debug-id: f215faff4ea34
cache-control: no-cache, no-store
x-frame-options: DENY
content-length: 658

GET
H2 200 fontello.css
doublethedonation.com/api/fontello/css/ 6 KB
2 KB 169ms
152ms Stylesheet
text/css 20.172.164.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/fontello/css/fontello.css
Requested by: Host: doublethedonation.com
URL: https://doublethedonation.com/api/css/ddplugin.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.172.164.4 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 80c9827e15777b93d54c692ec57e8d59cf6080df4a4c76a014a60aa0812bbbc0

Request headers

Referer: https://doublethedonation.com/api/css/ddplugin.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 16:24:33 GMT
content-encoding: gzip
last-modified: Mon, 29 Jul 2024 23:54:34 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, public
access-control-allow-credentials: true
expires: Sun, 04 Aug 2024 17:24:33 GMT

OPTIONS
H2 200 graphql
payments.braintree-api.com/ Frame 0
0 65ms
15ms Preflight 13.248.139.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.248.139.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,braintree-version,content-type
Access-Control-Request-Method: POST
Origin: https://give.rainn.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,braintree-version,content-type
access-control-allow-methods: GET,DELETE,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://give.rainn.org
access-control-max-age: 1800
date: Sun, 04 Aug 2024 16:24:33 GMT
paypal-debug-id: ff94c6d95d2e4
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY

GET
H2 200 fast-action.svg
static.everyaction.com/ea-actiontag/assets/images/ 9 KB
0 8ms
8ms Image
image/svg+xml 2600:9000:2490:6400:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.everyaction.com/ea-actiontag/assets/images/fast-action.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:6400:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 04:53:07 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 41561
x-cache: Hit from cloudfront
content-length: 9203
last-modified: Tue, 07 Dec 2021 15:33:44 GMT
server: AmazonS3
etag: "babd47dc25531a9faeadc04f1afa1910"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: g3zxMBeQRD360RKPUtDUu3_u2SYXSF9lLbnwUZidZWOSoWnHDgi_qg==

GET
H2 200 plugin_settings Show response
doublethedonation.com/api/v1/ 700 B
619 B 324ms
111ms XHR
application/json 20.172.164.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://doublethedonation.com/api/v1/plugin_settings?customer_id=KSaUW2Z5EsJNVBZj

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.172.164.4 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

c815fc40682cff26a6dea47bcf690a16d21368c1b11cd9a5b8cb9cc4bbd3e2de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 16:24:33 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
x-frame-options: sameorigin
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H/1.1 200
OK jyzypqwmt6mvjfbz Show response
client-analytics.braintreegateway.com/ 0
349 B 17ms
13ms XHR
text/plain 3.74.79.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/jyzypqwmt6mvjfbz

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.74.79.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-74-79-230.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Sun, 04 Aug 2024 16:24:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://give.rainn.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK jyzypqwmt6mvjfbz Show response
client-analytics.braintreegateway.com/ 0
349 B 12ms
11ms XHR
text/plain 3.74.79.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/jyzypqwmt6mvjfbz

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.74.79.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-74-79-230.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Sun, 04 Aug 2024 16:24:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://give.rainn.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 dispatch-frame.min.html
checkout.paypal.com/web/3.44.2/html/ Frame C659 0
0 64ms
10ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paypal.com/web/3.44.2/html/dispatch-frame.min.html

Requested by

Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CD8) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.rainn.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=86400, s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 3026
content-type: text/html
date: Sun, 04 Aug 2024 16:24:33 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "662bdc42-1ed4+gzip"
expires: Mon, 05 Aug 2024 16:24:33 GMT
last-modified: Fri, 26 Apr 2024 16:54:26 GMT
paypal-debug-id: 9c2d608b47851
server: ECAcc (frc/4CD8)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000009c2d608b47851-557f8dc178c68e62-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

POST
H/1.1 200
OK jyzypqwmt6mvjfbz Show response
client-analytics.braintreegateway.com/ 0
349 B 17ms
14ms XHR
text/plain 3.74.79.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/jyzypqwmt6mvjfbz

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.74.79.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-74-79-230.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Sun, 04 Aug 2024 16:24:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://give.rainn.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

OPTIONS
H/1.1 200
OK jyzypqwmt6mvjfbz
client-analytics.braintreegateway.com/ Frame 0
0 59ms
9ms Preflight 3.74.79.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/jyzypqwmt6mvjfbz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.74.79.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-74-79-230.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.rainn.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://give.rainn.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Sun, 04 Aug 2024 16:24:33 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

OPTIONS
H/1.1 200
OK jyzypqwmt6mvjfbz
client-analytics.braintreegateway.com/ Frame 0
0 58ms
9ms Preflight 3.74.79.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/jyzypqwmt6mvjfbz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.74.79.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-74-79-230.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.rainn.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://give.rainn.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Sun, 04 Aug 2024 16:24:33 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

OPTIONS
H/1.1 200
OK jyzypqwmt6mvjfbz
client-analytics.braintreegateway.com/ Frame 0
0 59ms
10ms Preflight 3.74.79.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/jyzypqwmt6mvjfbz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.74.79.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-74-79-230.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.rainn.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://give.rainn.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Sun, 04 Aug 2024 16:24:33 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK jyzypqwmt6mvjfbz Show response
client-analytics.braintreegateway.com/ 0
349 B 19ms
16ms XHR
text/plain 3.74.79.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/jyzypqwmt6mvjfbz

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.74.79.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-74-79-230.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Sun, 04 Aug 2024 16:24:34 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://give.rainn.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H3 204 collect
region1.analytics.google.com/g/ 0
0 16ms
15ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-HQTMLQ947D&gtm=45je47v0v888795481z872252890za200&_p=1722788671952&gcs=G111&gcd=13n3nPl2l5&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=804700955.1722788672&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=MAAI&_s=3&sid=1722788672&sct=1&seg=0&dl=https%3A%2F%2Fgive.rainn.org%2FP2P%2FZQUJANcw5kORSP0-JxSN2A2%2F9HZhE64TEe2ZTQAiSCWImA2&dt=Thanks%20for%20visiting%20my%20fundraising%20page!&en=view_item&pr1=nmP2P%3A%20Raise%20for%20RAINN~idZQUJANcw5kORSP0-JxSN2A2&ep.clean_page_path=%2FP2P%2FZQUJANcw5kORSP0-JxSN2A2%2F9HZhE64TEe2ZTQAiSCWImA2%2F&_et=191&tfd=6689
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://give.rainn.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 16:24:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.rainn.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
give.rainn.org/P2P/ZQUJANcw5kORSP0-JxSN2A2	1969-12-31 23:59:59	Name: pageviewCountCookie Value: 1
give.rainn.org/	1970-01-20 22:33:08	Name: ___utmvc Value: pULpYvNJVT/YGT6pOAla+y8FbHTles94jx3trbIgGD6LXsmXNUBjQDJ3qLsSw6XLiqeyjnf+dmbJm5N2xqphHODL0b58lrDAIm4WOcEdzjA5Q6Wngv6U/bjT9DhuQ2TJV+aikiwW4j3/8pWXPzTjBuNncd9b0fLDoK2EGNnueSTMSAUUXvekwZsqtXwy8yxypDz9GW+KSmDnr7UGwKs4XZwmDvogOI8Zk0+vqb6SZ+YHTGFQnqlUEatXszGsXMROi1YBzH+czGwT/qB/MpcUlAsG+GgYAwr7He64q8E4eDNs8EKcPkzeVWQeL3BnhgCHYcwuZwIGQP8TUwQvprpoOeaO6Zjfxtd7fev2VxIP4+0AA4uFaMwoSQjsL79w508Hd0X7gUe7LI+aFNlJwpkNJ8lQgas99eeWsL+fk2A0LoaQ0Nx53Zkb8iHOOMoDvjqaCIU/1kDs7zv9tKNkBHZgbOpIxDFmabGh5rId/GIca/OoXMG7uirQDYvpSf/8TzsqWLTa1p4DF9t9irhQafdjcJbW0Ndd5dB2jzV3blfdMVI7jNaGnGz0lQlWakTYXrYoUqvXNu+C+Z0s6mGg8m4Dv0zyDVE8+I07shGBMIFMCesxgq/SfVrSSLz6SRGyIwA5/hiTjuAAhrx23LTKY0tahT3DWaequBvNmau+PXFE7pqhBaFI3wsp8hhddW45FhE7zaNeHhLtDbcrJgJ2CEYCBBbxjxJudvlvr1KnkFa7BzD3USeQKSXCnBnPQhCO77Y71ZIEjYFXt3mu/QwGpayti7h2QsDiyiduMLEw5Zdez8RJDOCsS7/0wUNQEZaWl6/08XIWJEXlWozXuD5qxbgft42MqVlWL9cWGw2g8RSUUYFNctwEVKcOOw+NQ6eAqN5gXYOOxuqzp/CLzDF5QMbHw04eoknROulC19z88ac6coz5JD14kownoWvAsHYiuH1mFR3KLUG+XcXGjMnNccwnTisx8XdqvoMWChXLm0xSNHSr5k8lg2vhj6qjRP3ecsRCgRh8Q7XKVKYAqYAvpPviYzApRdGguox1p8ATm85Q7pBWN6Son0mTbht+ho0LO1/zqnLNJCAfrMBQqIV5Oi1UgvsOufbHBplBvJwuJMotewqpLEf4X0y8WFB9cvoOU9x4ISlW3lig0eBJzGElXN8ZcWwjEDfCAVsz3KAiwq9tp8NVYZbqZOej+8Guf8jSlkCib6jjcC0QmjdxZH6UTGgKj1pNS6FafJY86z+e+4ELI1S9vLpcKYkiYlzxUMB9aKpgtERbRyngvp2LspUOZMrQ0+eL4GOAf8xErBDG5m3ui4w1KyA3IBLX70QLlfAi7Xog/D35dNVn/CzOAGC7YtU09zFSqTcCJWc34/lDg1GoMwrR/qP3ptrhVppkEeoq6zzfIMRUTjexuv8uUJPTAdw98mD2I5NA5nPET/ESgjc7q9aToFK0by7Sucq8MFwH85fZg8FP9IyfCuNWheEuDBWzvcUqWgt96Ap4ChPmSd56pU5w5jc0kAOSeqdCLjHLcnL3BKCeZ0EQ1fQUa9H5IrPV169DbRPUYPFAFeQjrQX9pCegsdPdk7my/lSHifM1J4Shbgg5HMzQRESZhT6GW6sH1Z57W7HuGS11jOkA2jjPIDh0q7l619f/zx7UFtw1rTCQgEus0Oj237n6OAq+dFrG73RsVIzLdYLGKlzpPWxlrZmQOjNVRG7095u2JfjCWf3mcW13H5YEvGftVYuNihO4Y4bzeRokXucCSL3luzGNjeWSNBxf7gzZhuQcmS7IH/m09CCmq5H6FxxRMyVIgGgEDSfVNNQMr9YNED1stuQJBw/Xn96Dr8NRCifEyJ02Sw6k2jDhad+vNZs+bt5SCu5HLLQYK8wiZPM5My6yFEadx4DUbVJFO3sKRcCDoBwUyvNGYfOVJk8Y/xrgJ6XC7NjDQnPQwDdoRBt/a9uKKDZkWrKYCzecMV6T4LTZP7OIMDPYgZl5+dSzmDwqr0+m/IPyooyNuMz9D6fzD7xEX3xqzgJKNolAAoIGpgd4uneW4EFSL6OnmG/F9x7nv6EPCxgZ4lhXEi6y3efbcBiuKrYr5D4bQE2kPIJ3GDp5yCK2F1XIBpBV1qJOWQBo5+8hac1zgDTKpHHpZZuv/OguJYd7HsYoI5YYTksDFew3W6mo001ws5KkcHVO/WoOJsRzxiu3L8SvgLXNIdWRUkxBdKh8FpZfiQXg9RroOY/jiH3+RNY1bWUCspvK4yK9xe2zrEjAnaUawTedRH90yaVMabqjLgoKY/OuJWaWnPWDjEpUbaN2FVgwGIGSTalmfs24+J/A0mz1Z7Waan2jLBS9iTsSfLd04F5HYIkL9GcCbwBffwSXlX2Wp8An6tnxE1FeuAVSMcZUlZ4swZ6cTzi+wc9fv8iTqCV1PR15CCni2ZhOITaIlSIwpOL9qQXmAMpi7dec1C9pNkg1F54YqMu7YWSThDbpJOFyQRz1Z47sRMSS3uCcWkhB3qPPFDQAEbOcqg98KJf8r8LKr3r6AVOcZLdJCqicjr3IBD3iKMvjzkvBuoQ1GlOpvsO/UpE4/Sm7a2sH+ODroSsXhmd/oCxJvKs5SXfOcIu9xJ335oyYGr0F744P4Y8j7cz3i+4hznart7mfA4m5y8q7kbTdwWHCUc4IAC8PtTijBAIYv6hjxuqlIkkjE9SSHnZz9260d9mU7sCZfkMrAxFpJh2c/UOAm8d2MUFFltcMzZEAVTD92npHU9JjTDRocPV331ujcehrYXQo6ZkQfCS57E78h6pxosHGXt7k/BLbjPKBF1lc26TzUuOcv+tqxgjICEtp4CcsZGlnZXN0PSxzPU5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTg==
give.rainn.org/	1970-01-21 07:18:44	Name: ai_user Value: OXrEkllsfbil5AKBH5auuu\|2024-08-04T16:24:32.266Z
give.rainn.org/	1970-01-20 22:33:10	Name: ai_session Value: aBWAWIneksBNq4CAwt/pTn\|1722788672269\|1722788672269
.rainn.org/	1970-01-21 00:42:44	Name: _gcl_au Value: 1.1.303124614.1722788672
.rainn.org/	1970-01-21 08:09:08	Name: _ga Value: GA1.2.804700955.1722788672
.rainn.org/	1970-01-20 22:34:35	Name: _gid Value: GA1.2.7653372.1722788673
.rainn.org/	1970-01-20 22:33:08	Name: _gat_UA-420351-1 Value: 1
.everyaction.com/	1970-01-21 07:17:42	Name: visid_incap_2302165 Value: aX3OeYR0TBadBcsa3J39tD+rr2YAAAAAQUIPAAAAAABvP0cmmsQsxAfkIIolB1PG
.everyaction.com/	1969-12-31 23:59:59	Name: incap_ses_877_2302165 Value: u5NecNVvqC3BRBQl5rorDD+rr2YAAAAAct5S0N6A0wZO7VHJbvl6pw==
.rainn.org/	1970-01-21 00:42:44	Name: _fbp Value: fb.1.1722788672545.349270705727601654
.everyaction.com/	1970-01-21 07:17:42	Name: visid_incap_823975 Value: 8GZ8gnoGR2KsM3Ca5fkNcz+rr2YAAAAAQUIPAAAAAACn82+gbuHEh4T/gm8r9zNU
.everyaction.com/	1969-12-31 23:59:59	Name: nlbi_823975 Value: shGLKpG2OF7AHjl9xwoUeQAAAAAuwUHy/S8MKVntzLIvMbqu
.everyaction.com/	1969-12-31 23:59:59	Name: incap_ses_877_823975 Value: GbWxOi9zHw5SRBQl5rorDD+rr2YAAAAAVMQu072fPBejfdUgOfOAcQ==
.rainn.org/	1970-01-21 08:09:08	Name: _ga_HQTMLQ947D Value: GS1.1.1722788672.1.0.1722788672.60.0.0
secure.everyaction.com/	1970-01-20 22:33:37	Name: SessionKeyCookie Value:

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
checkout.paypal.com
client-analytics.braintreegateway.com
connect.facebook.net
dc.services.visualstudio.com
doublethedonation.com
edge-secure.everyaction.com
fastaction.ngpvan.com
fonts.googleapis.com
fonts.gstatic.com
give.rainn.org
js.verygoodvault.com
nvlupin.blob.core.windows.net
payments.braintree-api.com
region1.analytics.google.com
secure.everyaction.com
static.everyaction.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
13.224.189.83
13.248.139.42
192.229.221.25
20.172.164.4
20.209.68.129
20.50.88.242
2001:4860:4802:34::36
2600:9000:2490:6400:3:1d53:4780:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2a00:1450:4001:809::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9d
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.160.150.114
3.160.150.15
3.74.79.230
45.60.33.183
02d1bfc3fb8b4eff4d80613794e94142267895398d35dbca72e8ca7ddb62ab54
134b221f3ca667791d4283b643ceee3560613b7e1d3a7229b50ad54d4dcd172a
27f213891598fa6af306a3d7f76b3ec378352a7479290f0b979b8de42cd37641
412e708162637f6f9d1afa4955e43baa8dcc61592a0ef595cc04a271b87288bf
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
563fb80c76bbe7be15b65d18e1286f94bc2317c8a3ea6f6d69e21fe9b1ced34e
575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda
60891a54df49aac87f56b67ebcd37582eae4b01e7b20b35b5b141a5ddd7e66c5
632c1910ce79b1b0c12af7b285d2edc8fa25a80a1eed734419a714c94ddc8884
66c024f48785329a01c0349b9a90ad3878cf9f36275468f476fa7bdd924356a1
6bd98bbadffead32a0913e7e38925ded27b97554b332519f0c5f30a6f235359a
6ce49514b9d4e842b63f7b0f03fcbd74113bb99b67fe5c771c4bbd4e3b17a148
726ae17a0fb81567b8ec6b892806fb51865914c7e04c7040070cddf76463d5da
76514bd1f76340cd0b5cb4bea2f98f0eafa04f3514f8bbb8c72685d5f50ac436
7bf94a4aa6a0872064d045aab0bdc4f8518a5524848b2ad5bf494e552fa6364e
80c9827e15777b93d54c692ec57e8d59cf6080df4a4c76a014a60aa0812bbbc0
8b7097e77fe327178a1459d476a46644053effb509956e4b14e613cfdf2f0cea
96e41d11ea5df0cdb8347f9c81484b4e707c166a6bd66d1e30df6efdf716979b
99e5303bce247df6e67f267d1951d2cafc9cde5ebc5d0dd965d303fe7ae83dee
9e7fe0edbc32bbda00bdef6dc0241bc78277a37d4ceeab5991c64d11915746b9
a702c1d17f3e92feef286fa2f533c8cc439b0deeaf33f02c81946e6654122095
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b460328d1f43939d2f3772c51d65f6c9daebaa4da5897710e8fd46a91570fa67
b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985
b7e7d2bc98a555252a59731c5e7bfda7b61640b6352e0b79ee630622e5495387
bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136
c815fc40682cff26a6dea47bcf690a16d21368c1b11cd9a5b8cb9cc4bbd3e2de
d407171004a70597d6c62fe564ea558e4fa5ade8d51afaa7043f9c0f8e2a9b39
d6518c5c6936d39620cd1920fa0d58df3163c265c4bead6f3109b9e73e9238d2
d85d9fe67c98bfc4003a3d06457d29c3e29ff64ee504d78c354e752dbba7babc
dda71a7c72d5905216c1a617fd5de6c96acfcfe5b90a1f6449aa60627663d84d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f049a1747942f985c6646afbd37119ecc9e8f088db5e98e2a04f8f1f77d5de71
fc87cbffa19068476b549153877c4b783aff459cb240980aef8f8f6c9c43ed57
fd60aaf2a99d0c3f3087221bd87b39106b86093c5a19f4e268cfc1e75e453267
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

give.rainn.org Open in urlscan Pro 13.224.189.83 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

58 Requests

98 %HTTPS

52 %IPv6

20 Domains

22 Subdomains

22 IPs

4 Countries

1281 kBTransfer

3639 kBSize

16 Cookies

12 Outgoing links

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

give.rainn.org Open in urlscan Pro
13.224.189.83 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

98 %
HTTPS

52 %
IPv6

20
Domains

22
Subdomains

22
IPs

4
Countries

1281 kB
Transfer

3639 kB
Size

16
Cookies

58 HTTP transactions
1 data transactions